[kde-doc-english] [Bug 269552] New: “Web Access Protocol Discovery” ??

Christopher Yeleighton giecrilj at stegny.2a.pl
Sun Mar 27 16:55:06 CEST 2011


https://bugs.kde.org/show_bug.cgi?id=269552

           Summary: “Web Access Protocol Discovery”??
           Product: docs
           Version: unspecified
          Platform: openSUSE RPMs
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: NOR
         Component: Corrections
        AssignedTo: kde-doc-english at kde.org
        ReportedBy: giecrilj at stegny.2a.pl


Version:           unspecified (using KDE 4.6.0) 
OS:                Linux

The thing is called Web Proxy Auto-Discovery Protocol (WPAD).
Besides, it would really help if you described how to troubleshoot KPAC
problems.  Some info is in the source code [1].

Reproducible: Always

Steps to Reproduce:
  1. { xdg-open 'help:/kcontrol/proxy/index.html#authorization'; }

Actual Results:  
1.
  Automatically detect proxy configuration
  Select this option if you want the proxy setup configuration script file to
be automatically detected and downloaded.
  This option only differs from the next choice in that it does not require you
to supply the location of the configuration script file. Instead, it will be
automatically downloaded using “Web Access Protocol Discovery” (WAPD).

Expected Results:  
Web Proxy Auto Discovery (WPAD)
===============================

Automatic proxy discovery works in two steps:
1) Find a configuration script
2) Determine a proxy to use by running that script

The configuration script is a "PAC" (JavaScript) file just as in plain Proxy
Auto Configuration as described here:
http://home.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html

The WPAD part of the process (#1 above) described here is about how to find
this script without having the users enter its URL into the proxy settings.
(All they have to do in a WPAD-enabled network is to select "Automatically
detected script file" in KDE's proxy setup.

There are two alternative ways to discover the PAC script's URL implemented
in KDE:

1. DHCP based autodiscovery

    If you are running a DHCP server on your network anyway, you might
    want to use this approach; all you have to do is to add the WPAD
    option (numeric 252 or hex fc) as a string containing the URL to the
    PAC script.

    To do so with older versions of ISC dhcpd, add this to
    /etc/dhcpd.conf, either globally or just for the subnets you want to
    enable WPAD for:

    option option-252 "http://example.com/path/to/proxyconfig.pac";

    Or, for newer ISC dhcpd versions, add this globally:

    option wpad code 252 = text;

    and this either globally or for the WPAD subnets:

    option wpad "http://example.com/path/to/proxyconfig.pac";

    For other DHCP servers, please consult the reference manual on how
    to add an option by number if WPAD support is not built-in.

2. DNS based autodiscovery

    If you don't run a DHCP server or prefer DNS based discovery, you
    need to configure one of your hosts to have the name
    wpad.example.com and make sure the PAC script is available as
    http://wpad.example.com/wpad.dat If your network consists of several
    subdomains, like a.example.com and b.example.com you can either
    provide both http://a.example.com/wpad.dat and
    http://b.example.com/wpad.dat or just http://example.com/wpad.dat
    When a client searches for that script, it will search for a host
    named "wpad" in its own domain, then in the next higher level domain
    until success or if only the TLD is left (i.e. wpad.com will never
    be tried)

Note that DHCP is the preferred approach since it's more flexible than DNS
as it doesn't require a well known host name nor a fixed location
(/wpad.dat) for the PAC script. It is also the first method tried before
resorting to DNS, so if you use DNS there will be a noticeable delay of 5
seconds while waiting for a DHCP reply.

However, DHCP requires a helper program, kpac_dhcp_helper to be installed
suid root. If you consider this a security problem, just delete that program
or remove its suid permissions and use DNS instead. If the helper cannot
execute as root, the 5 seconds delay will also go away.

If you have further questions or comments, please contact me: Malte
Starostik <malte at kde.org>


OS: Linux (x86_64) release 2.6.37.1-1.2-desktop
Compiler: gcc

___
[1] <URL:
https://projects.kde.org/projects/kde/kdelibs/repository/revisions/master/raw/kio/misc/kpac/README.wpad
>

-- 
Configure bugmail: https://bugs.kde.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.


More information about the kde-doc-english mailing list